VARIoT latest news about IoT security

CVE-2025-41672 - WAGO: Vulnerability in WAGO Device Sphere - SecAlerts Trust: 4.0 Fetched: July 11, 2025, 9:32 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:

wago

model:

wago

db:

NVD

ids:

CVE-2025-41672

Critical Bluetooth Protocol Vulnerabilities Expose Devices to RCE Attacks Trust: 3.75 Fetched: July 11, 2025, 9:32 a.m., Published: July 10, 2025, 12:11 p.m.	Vulnerabilities: code execution, memory corruption

Affected products

External IDs

db:

NVD

ids:

CVE-2024-45431, CVE-2024-45434, CVE-2024-45433, CVE-2024-45432

Actively exploited vulnerability gives extraordinary control over server fleets - Ars Technica Trust: 4.0 Fetched: July 11, 2025, 9:32 a.m., Published: June 26, 2025, 10:52 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

huawei

model:

huawei

db:

NVD

ids:

CVE-2024-54085

Microsoft Patch Tuesday July 2025: 130 Vulnerabilities Patched, Including 1 Zero-Day and 41 RCE Flaws Trust: 3.75 Fetched: July 11, 2025, 9:31 a.m., Published: July 8, 2025, 6 p.m.	Vulnerabilities: denial of service, feature bypass, information disclosure...

Affected products

External IDs

db:

NVD

ids:

CVE-2025-47972, CVE-2025-48818, CVE-2025-47985, CVE-2025-47991, CVE-2025-48823, CVE-2025-48817, CVE-2025-36350, CVE-2025-48806, CVE-2025-36357, CVE-2025-48003, CVE-2025-47178, CVE-2025-49683, CVE-2025-49740, CVE-2025-49689, CVE-2025-49729, CVE-2025-48824, CVE-2025-49725, CVE-2025-48809, CVE-2025-49668, CVE-2025-49659, CVE-2025-49682, CVE-2025-49670, CVE-2025-49731, CVE-2025-48819, CVE-2025-48821, CVE-2025-47998, CVE-2025-48802, CVE-2025-47988, CVE-2025-48800, CVE-2025-49695, CVE-2025-47999, CVE-2025-49701, CVE-2025-49673, CVE-2025-49739, CVE-2025-48811, CVE-2025-47975, CVE-2025-49730, CVE-2025-49690, CVE-2025-49663, CVE-2025-49667, CVE-2025-49735, CVE-2025-49664, CVE-2025-33054, CVE-2025-47159, CVE-2025-49691, CVE-2025-49678, CVE-2025-48000, CVE-2025-49732, CVE-2025-48002, CVE-2025-48810, CVE-2025-49718, CVE-2025-49733, CVE-2025-49737, CVE-2025-47980, CVE-2025-48808, CVE-2025-49671, CVE-2025-49674, CVE-2025-49666, CVE-2025-47971, CVE-2025-48816, CVE-2025-49699, CVE-2025-49680, CVE-2025-49711, CVE-2025-49704, CVE-2025-49702, CVE-2025-49727, CVE-2025-48805, CVE-2025-47982, CVE-2025-49677, CVE-2025-49676, CVE-2025-49669, CVE-2025-49717, CVE-2025-48814, CVE-2025-48001, CVE-2025-49679, CVE-2025-49722, CVE-2025-49714, CVE-2025-49672, CVE-2025-49688, CVE-1980-0000, CVE-2025-49719, CVE-2025-48815, CVE-2025-26636, CVE-2025-49721, CVE-2025-48804, CVE-2025-49700, CVE-2025-49697, CVE-2025-49698, CVE-2025-48799, CVE-2025-49693, CVE-2025-49703, CVE-2024-36350, CVE-2025-49726, CVE-2025-49705, CVE-2025-49660, CVE-2025-47981, CVE-2025-49694, CVE-2025-49685, CVE-2025-49686, CVE-2025-49724, CVE-2025-49753, CVE-2025-47993, CVE-2025-49665, CVE-2025-49661, CVE-2025-49756, CVE-2025-49658, CVE-2025-49684, CVE-2025-48822, CVE-2025-47976, CVE-2025-49723, CVE-2025-49687, CVE-2025-47994, CVE-2025-47987, CVE-2025-47973, CVE-2025-49681, CVE-2025-49744, CVE-2025-49716, CVE-2025-47986, CVE-2025-49657, CVE-2025-48812, CVE-2025-49675, CVE-2025-49706, CVE-2025-48820, CVE-2025-48803, CVE-2025-49696, CVE-2025-47984, CVE-2025-49760, CVE-2025-49738, CVE-2025-47996, CVE-2025-21195, CVE-2025-49742

Citrix Trust: 4.5 Fetched: July 11, 2025, 9:30 a.m., Published: July 7, 2025, 4:48 p.m.	Vulnerabilities: session hijacking, memory leak

Affected products

External IDs

vendor:	comcast	model:	xfinity
vendor:	citrix	model:	netscaler adc
vendor:	citrix	model:	gateway
vendor:	citrix	model:	netscaler gateway
vendor:	citrix	model:	netscaler
vendor:	xfinity	model:	gateway

db:

NVD

ids:

CVE-2023-4966, CVE-2025-5777

Hackers Actively Exploiting CitrixBleed 2 Vulnerability in the Wild Trust: 5.25 Fetched: July 11, 2025, 9:29 a.m., Published: July 11, 2025, 7:47 a.m.	Vulnerabilities: authentication flaw, improper memory handling

Affected products

External IDs

vendor:	citrix	model:	netscaler adc
vendor:	citrix	model:	gateway
vendor:	citrix	model:	netscaler gateway
vendor:	citrix	model:	netscaler

db:

NVD

ids:

CVE-2025-5777

Cisco Meraki MX and Z Series AnyConnect VPN with Client Certificate Authentication Denial of Service Vulnerability Trust: 5.0 Fetched: July 11, 2025, 9:29 a.m., Published: June 18, 2025, 3:56 p.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco	model:	meraki mx firmware
vendor:	cisco	model:	anyconnect vpn client
vendor:	cisco	model:	vpn client
vendor:	cisco	model:	series
vendor:	cisco	model:	meraki mx

CVE-2025-27025: High-Risk Directory Traversal Vulnerability Due to Unsecure TCP Port Endpoint Access - Cybersecurity Exploit Tracker by Ameeba Trust: 4.75 Fetched: July 11, 2025, 9:28 a.m., Published: July 8, 2025, 7:59 a.m.	Vulnerabilities: directory traversal, traversal attack

Affected products

External IDs

db:

NVD

ids:

CVE-2025-27025

New PerfektBlue Attack Exposes Millions of Cars to Remote Hacking Trust: 3.75 Fetched: July 11, 2025, 9:28 a.m., Published: July 10, 2025, 11:47 a.m.	Vulnerabilities: code execution, memory corruption, improper validation

Affected products

External IDs

db:

NVD

ids:

CVE-2024-45431, CVE-2024-45434, CVE-2024-45433, CVE-2024-45432

Phoenix Contact device vulnerabilities: Find affected assets Trust: 3.5 Fetched: July 11, 2025, 9:11 a.m., Published: July 11, 2025, 1:37 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	phoenix contact	model:	axc f 2152
vendor:	phoenix contact	model:	plcnext
vendor:	phoenix	model:	contact axc f

db:

NVD

ids:

CVE-2025-41668, CVE-2025-41666, CVE-2025-41667, CVE-2025-41665

Critical CitrixBleed 2 vulnerability has been under active exploit for weeks - Ars Technica Trust: 3.75 Fetched: July 11, 2025, 9:09 a.m., Published: July 9, 2025, 2:18 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	comcast	model:	xfinity
vendor:	citrix	model:	netscaler application delivery controller
vendor:	citrix	model:	application delivery controller
vendor:	citrix	model:	gateway
vendor:	citrix	model:	netscaler gateway
vendor:	citrix	model:	netscaler
vendor:	xfinity	model:	gateway

db:

NVD

ids:

CVE-2023-4966, CVE-2025-5777

Copy apps & data from an Android to a new Android device - Android Help Trust: 3.0 Fetched: July 11, 2025, 9:09 a.m., Published: July 8, 2025, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

android

Invisible UI Trick: The Latest TapTrap Exploit on Android Devices Trust: 3.0 Fetched: July 9, 2025, 9:58 a.m., Published: July 9, 2025, 5:14 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

android

CVE-2025-6881: Critical Buffer Overflow Vulnerability in D-Link DI-8100 - Cybersecurity Exploit Tracker by Ameeba Related entries in the VARIoT vulnerabilities database: VAR-202506-3348 Trust: 5.0 Fetched: July 9, 2025, 9:56 a.m., Published: July 5, 2025, 3:29 a.m.	Vulnerabilities: buffer overflow

Affected products

External IDs

db:

NVD

ids:

CVE-2025-6881

Update Canonical Ubuntu Desktop: USN-7612-1: Flask-CORS vulnerabilities Trust: 4.0 Fetched: July 9, 2025, 9:55 a.m., Published: Jan. 9, 7612, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

canonical

model:

ubuntu

db:

NVD

ids:

CVE-2024-6866, CVE-2024-6844, CVE-2024-6839, CVE-2024-6221, CVE-2024-1681

CVE-2025-41224 : Access Control Vulnerability in RUGGEDCOM Network Devices by Siemens Trust: 5.0 Fetched: July 9, 2025, 9:55 a.m., Published: July 8, 2025, 10:35 a.m.	Vulnerabilities: access control vulnerability

Affected products

External IDs

vendor:

siemens

model:

ruggedcom

db:

NVD

ids:

CVE-2025-41224

Update Canonical Ubuntu Desktop: USN-7615-1: ClamAV vulnerabilities Trust: 5.75 Fetched: July 9, 2025, 9:54 a.m., Published: Jan. 9, 7615, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	clamav	model:	clamav
vendor:	canonical	model:	ubuntu

db:

NVD

ids:

CVE-2025-20234, CVE-2025-20260

Specific Ricoh MFP and Printer Products - Multiple vulnerabilities (CVE-2017-9765, CVE-2024-2169, CVE-2024-51977, CVE-2024-51979, CVE-2024-51980, CVE-2024-51981, CVE-2024-51982, CVE-2024-51983, CVE-2024-51984) \| Ricoh Finland Trust: 3.25 Fetched: July 9, 2025, 9:51 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-51977, CVE-2024-51982, CVE-2024-2169, CVE-2024-51981, CVE-2024-51979, CVE-2017-9765, CVE-2024-51980, CVE-2024-51984, CVE-2024-51983

Specific Ricoh MFP and Printer Products - Multiple vulnerabilities (CVE-2017-9765, CVE-2024-2169, CVE-2024-51977, CVE-2024-51979, CVE-2024-51980, CVE-2024-51981, CVE-2024-51982, CVE-2024-51983, CVE-2024-51984) \| Ricoh Sverige Trust: 3.25 Fetched: July 9, 2025, 9:50 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-51977, CVE-2024-51982, CVE-2024-2169, CVE-2024-51981, CVE-2024-51979, CVE-2017-9765, CVE-2024-51980, CVE-2024-51984, CVE-2024-51983

Understanding and Addressing Linux Vulnerabilities \| LinuxVox.com Trust: 3.75 Fetched: July 9, 2025, 9:49 a.m., Published: July 9, 2025, midnight	Vulnerabilities: privilege escalation, sql injection, buffer overflow

Affected products	External IDs

VARIoT news about IoT security